Mirage_crypto_ec.Dh
Diffie-Hellman key exchange.
secret_of_octets ~compress secret
decodes the provided buffer as secret
. If compress
is provided and true
(defaults to false
), the shared part will be compressed. May result in an error if the buffer had an invalid length or was not in bounds.
val secret_to_octets : secret -> string
secret_to_octets secret
encodes the provided secret into a freshly allocated buffer.
val gen_key :
?compress:bool ->
?g:Mirage_crypto_rng.g ->
unit ->
secret * string
gen_key ~compress ~g ()
generates a private and a public key for Ephemeral Diffie-Hellman. If compress
is provided and true
(defaults to false
), the shared part will be compressed. The returned key pair MUST only be used for a single key exchange.
The generated private key is checked to be greater than zero and lower than the group order meaning the public key cannot be the point at inifinity.
key_exchange secret received_public_key
performs Diffie-Hellman key exchange using your secret and the data received from the other party. Returns the shared secret or an error if the received data is wrongly encoded, doesn't represent a point on the curve or represent the point at infinity.
The shared secret is returned as is i.e. not stripped from leading 0x00 bytes.
The public key encoding is described in SEC 1 from SECG.